Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/RRXv77ic8-YnL2L0BrEWnnilces.roa
File: RRXv77ic8-YnL2L0BrEWnnilces.roa (raw, json)
Hash identifier: oObWYvqL50IXeyb91XFkxYV2GVpxyr296NJwG9LKFJk=
Subject key identifier: 45:15:EF:EF:B8:9C:F3:E6:27:2F:62:F4:06:B1:16:9E:78:A5:71:EB
Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Certificate serial: 019427B42BC269B4AB149F1640E787054310
Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/RRXv77ic8-YnL2L0BrEWnnilces.roa
Signing time: Thu 02 Jan 2025 15:48:26 +0000
ROA not before: Thu 02 Jan 2025 15:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210906
IP address blocks: 82.140.129.0/24 maxlen: 24
84.46.204.0/24 maxlen: 24
84.46.207.0/24 maxlen: 24
86.38.26.0/24 maxlen: 24
86.38.36.0/24 maxlen: 24
86.38.154.0/24 maxlen: 24
86.38.222.0/24 maxlen: 24
86.38.234.0/24 maxlen: 24
86.38.236.0/24 maxlen: 24
89.116.14.0/24 maxlen: 24
89.116.71.0/24 maxlen: 24
89.116.77.0/24 maxlen: 24
89.116.78.0/24 maxlen: 24
89.116.90.0/24 maxlen: 24
89.116.93.0/24 maxlen: 24
89.116.97.0/24 maxlen: 24
89.117.208.0/24 maxlen: 24
89.117.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b4:2b:c2:69:b4:ab:14:9f:16:40:e7:87:05:43:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Validity
Not Before: Jan 2 15:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4515efefb89cf3e6272f62f406b1169e78a571eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:42:dc:2b:3c:08:7b:ff:bf:19:3f:50:17:3b:
4f:f2:81:a8:af:bc:66:0a:b1:ea:75:82:75:bf:c8:
76:3d:e0:d3:9d:6a:5c:e1:56:68:a7:42:06:19:fa:
32:a6:01:06:96:34:b9:ff:31:71:f3:ac:ae:c2:11:
3f:1b:d2:a5:35:8d:bc:88:3d:7a:25:ad:0d:5d:02:
3d:f1:36:1b:90:15:2d:7b:2b:e9:4f:ce:41:61:04:
6c:3d:51:ac:0f:b7:0d:ff:f4:c3:0a:12:8d:3d:9a:
6b:a1:53:24:4b:ed:15:0e:d7:3c:fe:10:b5:63:b4:
f1:ba:17:63:1c:52:a8:dc:c2:f8:6d:41:ce:0e:5d:
b7:ba:c5:b0:65:72:fb:f1:59:13:fe:3f:87:83:47:
5e:d9:a9:f2:9d:34:81:d2:36:04:c1:03:b2:21:df:
ca:e6:17:b3:42:1a:60:47:c9:32:dc:93:c9:98:df:
06:bc:b1:ce:68:92:fc:ae:94:76:b2:ba:32:b2:fb:
c8:fb:ee:ba:bc:b9:0c:5e:53:7f:1a:5c:08:83:35:
05:c6:10:9c:59:4c:05:87:26:48:5d:50:67:bf:8d:
70:09:22:e1:59:8f:3f:d0:27:8b:63:b8:c9:60:f2:
8f:88:5d:f7:d8:4b:e8:b6:97:d6:ef:b4:7f:ba:d0:
d7:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:15:EF:EF:B8:9C:F3:E6:27:2F:62:F4:06:B1:16:9E:78:A5:71:EB
X509v3 Authority Key Identifier:
keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/RRXv77ic8-YnL2L0BrEWnnilces.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.140.129.0/24
84.46.204.0/24
84.46.207.0/24
86.38.26.0/24
86.38.36.0/24
86.38.154.0/24
86.38.222.0/24
86.38.234.0/24
86.38.236.0/24
89.116.14.0/24
89.116.71.0/24
89.116.77.0-89.116.78.255
89.116.90.0/24
89.116.93.0/24
89.116.97.0/24
89.117.208.0/24
89.117.243.0/24
Signature Algorithm: sha256WithRSAEncryption
74:7e:80:56:1c:af:54:88:7b:52:22:e6:7f:75:5b:a3:d6:c4:
88:64:ee:a6:7d:36:b9:e0:25:04:9b:ca:cd:9d:7f:c4:0e:d2:
4e:1a:52:62:c9:b8:05:31:6e:0f:ff:60:72:58:00:3f:fa:b6:
c1:bd:89:f2:0c:21:df:dd:5b:73:7c:40:9b:a8:12:24:47:8d:
17:fe:0b:ee:25:24:2e:84:a9:9c:d4:43:77:02:2b:a5:de:df:
09:a9:83:06:26:8b:85:6a:23:e1:e5:9e:59:12:5a:1e:d1:6e:
db:7c:c2:93:fa:de:af:c3:ac:86:53:20:35:5f:26:ab:8c:7e:
1a:1b:f8:b8:73:90:e0:9b:74:ea:c9:69:cd:1f:e7:3c:60:af:
5c:40:d7:23:85:c8:87:2e:6b:dc:ab:33:e0:e6:32:62:e4:69:
1d:9a:97:85:48:22:ad:f6:0b:6e:52:2d:b4:4b:1f:9b:5d:d0:
fd:36:ef:d5:f5:02:8c:57:a5:ca:4e:0e:f0:08:14:01:8d:6b:
f1:8f:df:c5:b5:c0:d7:2f:f5:4f:44:7b:cd:e4:7b:63:84:b1:
d2:b3:e6:7c:d1:31:d4:45:14:e4:b0:9a:5a:eb:6d:24:40:d2:
72:dd:1d:f0:b7:00:02:4d:08:b3:0b:f2:10:97:80:5e:0e:cc:
6d:0b:6a:9e
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAZQntCvCabSrFJ8WQOeHBUMQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3
MTE4MGQwHhcNMjUwMTAyMTU0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTE1ZWZlZmI4OWNmM2U2MjcyZjYyZjQwNmIxMTY5ZTc4YTU3MWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnULcKzwIe/+/GT9QFztP8oGor7xm
CrHqdYJ1v8h2PeDTnWpc4VZop0IGGfoypgEGljS5/zFx86yuwhE/G9KlNY28iD16
Ja0NXQI98TYbkBUteyvpT85BYQRsPVGsD7cN//TDChKNPZproVMkS+0VDtc8/hC1
Y7TxuhdjHFKo3ML4bUHODl23usWwZXL78VkT/j+Hg0de2anynTSB0jYEwQOyId/K
5hezQhpgR8ky3JPJmN8GvLHOaJL8rpR2sroysvvI++66vLkMXlN/GlwIgzUFxhCc
WUwFhyZIXVBnv41wCSLhWY8/0CeLY7jJYPKPiF332EvotpfW77R/utDXWQIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFEUV7++4nPPmJy9i9AaxFp54pXHrMB8GA1UdIwQY
MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt
MDQ2ODA0MjQ4NmRjLzEvUlJYdjc3aWM4LVluTDJMMEJyRVdubmlsY2VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj
LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEAFKMgQME
AFQuzAMEAFQuzwMEAFYmGgMEAFYmJAMEAFYmmgMEAFYm3gMEAFYm6gMEAFYm7AME
AFl0DgMEAFl0RzAMAwQAWXRNAwQAWXROAwQAWXRaAwQAWXRdAwQAWXRhAwQAWXXQ
AwQAWXXzMA0GCSqGSIb3DQEBCwUAA4IBAQB0foBWHK9UiHtSIuZ/dVuj1sSIZO6m
fTa54CUEm8rNnX/EDtJOGlJiybgFMW4P/2ByWAA/+rbBvYnyDCHf3VtzfECbqBIk
R40X/gvuJSQuhKmc1EN3Aiul3t8JqYMGJouFaiPh5Z5ZEloe0W7bfMKT+t6vw6yG
UyA1XyarjH4aG/i4c5Dgm3TqyWnNH+c8YK9cQNcjhciHLmvcqzPg5jJi5GkdmpeF
SCKt9gtuUi20Sx+bXdD9Nu/V9QKMV6XKTg7wCBQBjWvxj9/FtcDXL/VPRHvN5Htj
hLHSs+Z80THURRTksJpa620kQNJy3R3wtwACTQizC/IQl4BeDsxtC2qe
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:28 2025 by rpki-client